To perform this part of the demo, you need:
- Any Dropbox account. Your own Dropbox account will work on the demo device.
- To view security SASE policies, reference SD-WAN Orchestrator.
Cloud Web Security Custom Tunnel Policy
In SD-WAN Orchestrator, go to Cloud Web Security > Configure > Security Policies > Tunnel-Policy.
Block Dropbox Operations Policy
Drill into Tunnel-Policy. Go to CASB.
A custom security policy Block Dropbox Operations is configured. You can view the policy with read-only access.
Device Demo: Blocked Action
On the device, using Chrome, load Dropbox.com.
Attempt to CREATE a document. Create > Document > Word Document
The CREATE action is blocked by the Dropbox-specific Cloud Web Security policy.
View Web Logs
Next, we'll view the logged "block" action. In SD-WAN Orchestrator be sure you're still viewing Cloud Web Security.
Filtering Web Logs
In Monitor > Web Logs, filter by the following:
- Change the view to past 60 minutes.
- Filter the list to "Action is Block".
Filtered Web Logs
You should see your blocked action for Dropbox.
Cloud Web Security Integration with Workspace ONE Access
In TestDrive, Workspace ONE Access integration for name resolution is disabled for security reasons. This page is provide for your information.
Instead of unknown or anonymous users listed in Web Logs, Cloud Web Security can be integrated with Workspace ONE Access and other third-party IdPs for authentication and username resolution (as pictured).
Next, we'll inspect the network traffic on the WAN.